SB20260626121 - Improper input validation in Linux kernel ipv6
Published: June 26, 2026
Description
This security bulletin contains information about 1 vulnerability.
1) Improper input validation (CVE-ID: CVE-2026-53221)
CWE-ID: CWE-20 - Improper input validation
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to cause traffic to be associated with the wrong tunnel.
The vulnerability exists due to improper input validation in vti6_tnl_lookup() when matching IPv6 VTI tunnels during fallback wildcard tunnel searches. A remote attacker can send network traffic that triggers a hash collision and incorrect tunnel selection, so that the traffic is associated with the wrong tunnel.
The issue occurs because candidate tunnels in the fallback search were not verified to actually use wildcard local or remote addresses.
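The missing verification can be seen in a small user-space model of such a fallback search (an added example, not code from the kernel or from this bulletin). The struct and function names, the 32-bucket table, the XOR hash and the sample addresses are assumptions, and only the wildcard-remote pass is modelled.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simplified user-space model; names, table size and hash are assumptions. */
#define BUCKETS 32
struct addr { uint8_t b[16]; };
struct tunnel { const char *name; struct addr local, remote; struct tunnel *next; };
static struct tunnel *table[BUCKETS];
static const struct addr ANY;   /* all zero, i.e. the wildcard address "::" */

static bool addr_eq(const struct addr *a, const struct addr *b)
{
    return memcmp(a, b, sizeof *a) == 0;
}

/* Toy hash over (remote, local); distinct pairs can share a bucket. */
static unsigned bucket(const struct addr *remote, const struct addr *local)
{
    unsigned h = 0;
    for (int i = 0; i < 16; i++) h ^= remote->b[i] ^ local->b[i];
    return h % BUCKETS;
}

/* Fallback pass for tunnels configured with a wildcard remote address. */
static struct tunnel *fallback_lookup(const struct addr *local, bool verify_wildcard)
{
    for (struct tunnel *t = table[bucket(&ANY, local)]; t; t = t->next) {
        if (!addr_eq(local, &t->local)) continue;
        /* The missing verification: the candidate must really be a wildcard tunnel. */
        if (verify_wildcard && !addr_eq(&t->remote, &ANY)) continue;
        return t;
    }
    return NULL;
}

/* Constructed sample: one point-to-point tunnel that lands in bucket(ANY, local). */
static const char *demo(bool verify_wildcard)
{
    static struct tunnel p2p = { "p2p", {{0x20, 0x01, 0x0d, 0xb8, [15] = 0x01}},
                                 {{0x20, 0x01, 0x0d, 0xb8, [15] = 0x14}}, NULL };
    memset(table, 0, sizeof(table));
    table[bucket(&p2p.remote, &p2p.local)] = &p2p;
    struct tunnel *t = fallback_lookup(&p2p.local, verify_wildcard);
    return t ? t->name : "none";
}

int main(void)
{
    return printf("unchecked: %s, checked: %s\n", demo(false), demo(true)) < 0;
}
```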
Remediation
Install the update from the vendor's website.
References
- https://git.kernel.org/stable/c/2abfb19bbb81958714ad1d43ebeb65b30394184b
- https://git.kernel.org/stable/c/2fc7bc087cc7085368263d9d37bfe9a0bddd6a2d
- https://git.kernel.org/stable/c/47fb3c2b4203556308e64354b3e78f2ce221d646
- https://git.kernel.org/stable/c/90fd4513315ca07da99cfd8549d3e553a7160f0d
- https://git.kernel.org/stable/c/a5c0359f5cbc51a2e2b114d6041e0f3c73f903e9
- https://git.kernel.org/stable/c/c327fa4fca31415431202e063767a7ae342e19c6
- https://git.kernel.org/stable/c/f513f308cc4bdb4530d033431592ffbc29b7fca1
- https://git.kernel.org/stable/c/fc657ac0767c49839b3ef0b08dc0953ca30883f8